To get in touch about speaking at your event, email [email protected]
Media Packet · Press
839 items
839 items
Press
A Dice article examines why ransomware continues to rank as a critical concern for IT and security professionals due to its potential for widespread disruption and financial damage. Casey Ellis discusses the persistent threat ransomware poses to organizations and the strategies security teams employ to defend against evolving attack methods.
Press
A Security Boulevard article from January 2022 examines the rise in vulnerability disclosure programs driven by U.S. federal requirements and CISA directives. Casey Ellis comments on how federal mandates are prompting organizations to establish clearer processes for receiving and managing vulnerability reports.
Press
The Cyber Wire's Privacy Briefing for January 19, 2022, covers data breaches, ransomware threats across sectors, and vulnerability trends. Casey Ellis contributed to a Bugcrowd report highlighting a significant rise in serious vulnerabilities targeting the financial sector.
Press
A ZDNet press article reports on Bugcrowd's findings of a 185% increase in high-risk vulnerabilities discovered in the financial services industry during 2021. Casey Ellis, Bugcrowd's founder and chief technology officer, provided analysis and commentary on the security trends and implications for financial sector organizations.
Press
A Bugcrowd press release published on PR Newswire reported a 185% increase in high-risk vulnerabilities discovered in the financial sector during a specific reporting period. Casey Ellis, Bugcrowd founder and CTO, commented on the findings and their implications for financial services security practices.
Press
Security Magazine published a Bugcrowd report documenting a 185 percent increase in critical vulnerabilities across the financial sector during a period of rapid digital transformation. The report attributes the spike to accelerated technology adoption and identifies gaps in vulnerability management practices among financial institutions.
Press
SiliconANGLE published Bugcrowd research showing that financial services companies experienced a 185% increase in high-risk vulnerability submissions during a specific period. Casey Ellis, Bugcrowd's founder and CTO, contributed analysis on the escalated threat landscape and what these findings reveal about security vulnerabilities in the financial sector.
Press
Dark Reading published analysis of Bugcrowd data showing a tenfold increase in vulnerability submissions from U.S.-based hackers, indicating growth in the domestic bug hunting community. The report reflects trends Casey Ellis and Bugcrowd have tracked in coordinated vulnerability disclosure and the expanding participation of security researchers in formal bug bounty programs.
Press
Bugcrowd released a report via Response Source documenting a 185% increase in high-risk vulnerabilities discovered within the financial sector. Casey Ellis, as Bugcrowd's founder and CTO, contributed to the analysis of vulnerability trends affecting financial institutions based on the company's crowdsourced security research platform.
Press
Data Center Knowledge published an article on the Log4Shell vulnerability and its exposure of software supply chain security gaps. Casey Ellis comments on how the incident underscores the need for better visibility and collaboration across open-source ecosystems to address systemic risks.
Press
Popular Science published an explainer on bug bounty programs, how they operate, and their role in cybersecurity. Casey Ellis is quoted discussing why organizations use bounties to find vulnerabilities and the economic incentives that drive security researchers to participate.
Press
The Street published an article on biometric technology adoption at sports and entertainment venues for ticketing, payments, and personalized experiences. Casey Ellis is cited discussing security implications and best practices for implementing biometric systems at large public events.
Press
Fortune reported on more than 80 CFOs pushing back against new SEC sustainability reporting rules. Casey Ellis was among the signatories raising concerns about the proposed regulatory requirements and their operational impact.
Press
BankInfoSecurity reported on a critical remote code execution vulnerability discovered in the H2 database console that shares architectural similarities with the Log4Shell flaw. The report detailed how the vulnerability in H2's console component could enable attackers to execute arbitrary code remotely, drawing comparisons to the widespread Log4Shell incident that had recently affected numerous organizations.
Press
ZDNet published a January 2022 article covering JFrog researchers' discovery of a critical JNDI vulnerability in H2 database consoles comparable to Log4Shell. Casey Ellis contributed analysis on the vulnerability's significance and broader security implications for enterprise database environments.
Press
Protocol published an article examining six critical security flaws discovered in Microsoft Azure over the previous year and their implications for cloud platform security. Casey Ellis commented on the vulnerabilities and Microsoft's responsibility to address the systemic challenges underlying these discoveries.
Press
The Daily Swig reported on revisions the U.S. Commerce Department made to its rules governing the export of hacking tools following feedback from security researchers and practitioners. Casey Ellis contributed to the public consultation process that influenced the policy adjustments.
Press
A Washington Post article from January 2022 examines Texas primary election results and the state's security measures and audit processes. The piece discusses election integrity concerns and Texas's approach to addressing them through result verification and oversight.
Press
SC Media reported on a Los Angeles County Metropolitan Transportation Authority initiative to offer riders a free mobile security app for protecting connections on public Wi-Fi. Casey Ellis contributed security guidance for the program, helping the transit agency strengthen protections for commuters accessing the network.
Press
SC Media reported in December 2021 on a cryptomining campaign that conducted 125 attacks during Q3 2021 to hijack victims' computing resources for cryptocurrency mining. Casey Ellis contributed analysis on the campaign's methods and impact on targeted organizations.
Press
VentureBeat published an article in December 2021 examining the timing of Log4j patching priorities following critical vulnerability disclosures. Ellis offers perspective on the relative urgency of applying version 2.17.1 updates versus earlier critical patches for organizations managing vulnerability response.
Press
VentureBeat published a press item on Microsoft's launch of new Defender capabilities for identifying and remediating Log4j vulnerabilities in endpoint systems. Casey Ellis is quoted discussing the importance of the tooling in addressing the critical vulnerability landscape facing security teams.
Press
An SC Media article details the discovery of another denial-of-service vulnerability in the Log4j library requiring additional patching for affected systems. Casey Ellis comments on the security implications and remediation efforts needed to address the newly identified flaw.
Press
Threatpost published an article examining the rising tide of global cyberattacks in 2021 and the sophisticated threats posed by nation-state hacking groups. Casey Ellis provided analysis on the evolving threat landscape and the implications of state-sponsored cyber operations for organizations worldwide.
Press
A ZDNet article warns of cryptomining malware embedded in illegal torrents of Spider-Man: No Way Home circulating online. Casey Ellis discusses the security risks posed by malware-laden downloads and advises users on safe file-sharing practices.
Press
PortSwigger's Daily Swig reported on how bug bounty platforms managed an influx of thousands of Log4j vulnerability submissions from security researchers in December 2021. Casey Ellis commented on the surge in reports and the operational challenges platforms faced processing the volume of disclosures related to the critical logging library vulnerability.
Press
Mint reported on a White House summit convening tech industry leaders to address open-source software security following the Log4j vulnerability crisis. Casey Ellis participated in discussions about strengthening protections for critical open-source infrastructure.
Press
An SC Media article from December 2021 describes how attackers exploited the Log4j vulnerability to compromise and disable email servers at Belgium's Ministry of Defense. Casey Ellis commented on the incident's significance for critical infrastructure security and the urgent need for organizations to patch the widely-exploited vulnerability.
Press
VentureBeat published an article on the Log4j vulnerability warning that its full impact would unfold over an extended period as attackers locate vulnerable systems. Casey Ellis discusses the ongoing threat landscape and the delayed consequences organizations would face from the widespread nature of the flaw.
Press
SC Media published Casey Ellis's analysis of the Log4Shell vulnerability in December 2021, examining why the flaw created a perfect storm of easy exploitation and rapid spread. Ellis explores the conditions that enabled the vulnerability to proliferate quickly across software ecosystems and become exceptionally difficult to contain.